Code Bazaar

Thursday, July 10, 2014

If you have Linux servers, you must be familiar with SSH - Secure SHell. It is common for administrators to use strong authentication because they have the control of the entire company network and resources.

Sunday, October 16, 2011

Two month ago, I sprained my ankle. Now that my ankle recovered, I feel comfortable running again. My shoes had about 200 miles on them already so I decided to buy a new pair. I went to Texas Running Company and I discovered a very geeky equipment there, and I could not resist to share it on this blog.

I am not an expert in running shoes business but from what I understand there are two types: neutral or stability. Depending on how you run, you will need one or the other. But how do you know which one is good for you? You could ask somebody to run behind you and look, or you can go the techie way. And of course, this is the way I like the best. :)

In the store, they had a camera positioned right behind a treadmill. We recorded 2 short runs (about 30 seconds for each run) and analyzed them. I was honestly very surprised by the results.

The two pictures below shows the two shoe types. On the left, I was trying neutral shoes; on the right it is stability shoes.

As you can see, my right ankle bends inward when my feet is landing with the neutral shoes. The technical term for it is actually overpronation.

Here is the video of the 2 runs.

Since this is a tech blog, I would like to share how I merge the 2 videos I got from the store. I used Avisynth and VirtualDub with the following script.

Wednesday, August 3, 2011

I like to play chess. It is challenging, it requires strategic thinking and it is a great way to clear up your mind. I also like to take my time to play it. It can take a day, a week or even a month! One day I took a picture of the game I was playing to help me to think about it later in the day. This picture gave me the idea to write an application that is capable to analyze the game picture and determine the position of each piece on the board. Maybe someday it could even determine the next best move or continue the game online.

I successfully implemented the first part of the application. This blog post describes how this program is working.

The picture below on the left is the output of the Canny edge detector. The green lines on the right picture are the result of the Hough line detection.

The lines found on the picture above are actually the lines of the chessboard. But in some cases, the objects taken in the picture around the chessboard can bring some confusion. On the left picture, the chairs are introducing some lines that are not part of the board. To filter these lines out, I implemented an algorithm to filter 2 larger sets of lines with a 90-degree angle.

Once I got the 2 sets of 9 perpendicular lines, the program finds all the intersection points between these lines on the picture as shown on the picture on the left.

The program then finds the coordinates of each square that forms the chessboard.

At this point, I was able to isolate each square and process them separately. For example, the program is able to determine whether each square is white or black by calculating its average color and comparing it to the black and white colors. The results were correct except for one of the square because a piece of the opposite color was standing on it. Since the color of the squares of chessboard alternates, I could easily identify these errors.

What's next? I probably completed the easiest part of the project. I expect the chess piece recognition algorithm to be quite complex.

If you have a suggestion to help me finish this app, please leave a comment.

I am working on this project just for fun. If you are interested to see what are the real world applications of computer vision in the game industry, check out this web site: http://www.sportvision.com/.

Friday, June 17, 2011

Today I had a great half-day training on Metasploit and Armitage organized by our local OWASP Austin chapter and hosted by Microsoft. What I learned today was so interesting that I can't resist to share it here.

Raphael Mudge - Designer of Armitage

Metasploit is an open source penetration testing framework. It contains a database of exploits, payloads and post modules. The goal of the training was to find an exploit on a remote machine, run a payload through this exploit and execute a post module (which is what you can do after taking control over the victim's machine). Of course, you can find more detail about it on wikipedia.

Metasploit is a command line tool. To make it easier (and funnier), Raphael Mudge designed Armitage, which is a user interface for Metasploit. Here is how it looks like:

Armitage - GUI for Metasploit

When a machine on the network is comprised, Armitage illustrates it as a monitor wrapped into thunder lights. Perfect for a hacker movie:D

The youtube video below is the screen-cast of the exercises. I show how to setup the lab environment. Then I demonstrate how to use Armitage to find and use an exploit. The video ends with a demonstration of social engineering where the attacker takes full control over the victim's computer.

When I first started Armitage, it could not connect to the database. I had to kill all ruby processes and reconnect again.Once Armitage started, you may be asked to enter your IP address. If you dont you can always set it later by running the following command in the console; it will set a global variable.